HTML/PHP enters blank row in mysql database

Hi Folks,

I have a simple contact form on an HTML page in place which calls the following PHP form in my code snippet. I have simple text validation in place on the HTML side and the form handler seems to work most of the time. My problem is that roughly 10% of the form results will come through completely blank except for the IP Address is logged. End users are filling out the form handler correctly and then getting to the confirmation but the database row/email results are completely blank except for the IP.

Any thoughts on the code and/or how this can be avoided on the back end of the MySQL DB?

Thank you,



// sql
$con = mysql_connect("localhost","database_login","password");
if (!$con)
        die('Could not connect: ' . mysql_error());
mysql_select_db("database", $con);
$fields = array( "company", "contact", "address1", "address2", "city", "state", "zip", "phone", "fax", "email", "webpage", "signature", "date", "ipaddress" );
$fieldsText = "";
$valuesText = "";
$message = "";
for ( $i = 0; $i < count( $fields ); $i++ ) {
  // Generate fields and values text for sql query
   $fieldsText .= $fields[$i].",";
   if ( $fields[$i] == "ipaddress" ) {
        $valuesText .= " '{$_SERVER['REMOTE_ADDR']}',";
        $message .= str_replace('_', ' ', $fields[$i]).": ".$_SERVER['REMOTE_ADDR']."\n";
  } else {
                $_POST[$fields[$i]] = (get_magic_quotes_gpc()) ? $_POST[$fields[$i]] : addslashes($_POST[$fields[$i]]);
        $valuesText .= " '".$_POST[$fields[$i]]."',";
        $message .= str_replace('_', ' ', $fields[$i]).": ".$_POST[$fields[$i]]."\n";
// Remove last commas in fields and values text
$fieldsText = rtrim($fieldsText, ",");
$valuesText = rtrim($valuesText, ",");
$sql = "INSERT INTO deed_query ( $fieldsText ) VALUES ( $valuesText )";
$SQL_query_result = 'ok';
if (!mysql_query($sql,$con))
        $SQL_query_result = 'error';
// mail
$to = '';
$subject = 'Information Request Form';
$crlf = "\n";
$headers =
    'MIME-Version: 1.0'.$crlf.
    'From: '.$from.$crlf.
    'Content-type: text/plain; charset=iso-8859-1'.$crlf;
$message = $message.$crlf;
mail($to, $subject, $message);
// confirm
if ($SQL_query_result == 'ok')
        header('Location: thankyou_url.html');
                //mail yourself the error
                $to = "";
                $msg = "Error found at ".$_SERVER['PHP_SELF']."\n";
                $msg .=$sql."\n\n";
                $msg .= "SQL ERROR: ".mysql_error();
                mail($to, "SQL ERROR", $msg);
        die('Error: ' . mysql_error());

Open in new window

Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

iPromoExpertConnect With a Mentor Commented:
From the looks of this code there is no validation done to check for empty fields and force a user to fill them out, therefore i assume its done on the client side with Javascript. Could you please provide the validation code. Thanks.
pcisAuthor Commented:
Hi iPromo,

I dont have access to the server side HTML at the moment but there is validation from Dreamweaver that the fields cannot be blank or the submit function does not work. I will get the HTML source to you when I get home in an hour or so. Also there is no Javascript involved. Thank you.      
I doubt that there is no JavaScript as i don't know any other way to validate input fields on the frontend. Dreamweaver is a program used to put together html, javascript, even php, its not a server or application technology. It can't validate anything . post the code we'll figure it out.
All Courses

From novice to tech pro — start learning today.